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DETAILED ACTION 

1. Claims 1-47 have been examined and are pending. 



Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 
that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent 
or (2) a patent granted on an application for patent by another filed in the United States 
before the invention by the applicant for patent, except that an international application 
filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application 
designated the United States and was published under Article 21(2) of such treaty in the 
English language. 

2. Claims 1-33 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Andrews (US 6,574,736). 
As per claim 1: 

Andrews discloses a method for controlling interprocess communication, 
the method comprising: 

defining rules indicating which system services a given application can 
invoke; (col.9, lines 34-38 and 49*55) 

trapping an attempt by a particular application to invoke a particular 
system service; (col. 15, lines 20-22 and col.21, lines 35-37) 
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identifying the particular application that is attempting to invoke the 
particular system service; and (col.20, lines 15-16 and col. 22, lines 13-18 
and 30-32) 

based on identity of the particular application and on the rules indicating 
which system services a given application can invoke (col. 14, lines 56-59), 
blocking the attempt when the rules indicate that the particular application 
cannot invoke the particular system service, (col.22, lines 1-9) . 
As per claim 2: See col. 15, lines 20-21; discussing the method of claim 1, 
wherein said trapping step includes intercepting operating system calls for 
invoking the particular system service. 

As per claim 3: See col. 15, lines 20-21; discussing the method of claim 1, 
wherein said trapping step includes intercepting local procedure calls for 
invoking the particular system service. 

As per claim 4: See col. 16, lines 65-67 and coL21, lines 35-37; 

discussing the method of claim 1, wherein said trapping step includes 
intercepting an attempt to open a communication channel to the particular 
system service. 

As per claim 5: See col. 16, lines 17-31; discussing the method of claim 1, 
wherein said trapping step includes rerouting an attempt to invoke the 
particular system service from a system dispatch table to an interprocess 
communication controller for determining whether to block the attempt based 
on the rules. 
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As per claim 6: See col. 8, lines 56-64; discussing the method of claim 5, 
wherein said step of rerouting attempts to invoke the particular system service 
from a dispatch table to the interprocess communication controller includes 
replacing an original destination address in the system dispatch table with an 
address of the interprocess communication controller. 

As per claim 7: See col.8, lines 58-59; discussing the method of claim 6, 
further comprising the steps of: retaining the original destination address; and 
using the original destination address for invoking the particular system 
service if the interprocess communication controller determines not to block 
the attempt. 

As per claim 8: See col.9, lines 34-36; discussing the method of claim 1, 
wherein the rules specifying which system services a given application can 
invoke are established based on user input. 

As per claim 9: See col. 14, line 53 - col. 15, line 3; discussing the method 
of claim 1, wherein the step of blocking the attempt is based upon consulting a 
rules engine for determining whether the particular application can invoke the 
particular system service. 

As per claim 10: See col. 22, lines 1-9; discussing the method of claim 1, 
wherein the step of blocking the attempt includes obtaining user input as to 
whether the particular application can invoke the particular system service. 
As per claim 11: See col. 15, lines 20-30 and col. 23, lines 7-14; discussing 
the method of claim 10, wherein said step of obtaining user input as to 
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whether the particular application can invoke the particular system service 
includes the substeps of: providing information to the user about the particular 
application that is attempting to invoke the particular system service; and 
receiving user input as to whether the particular application should be blocked 
from invoking the particular system service. 

As per claim 12: See col. 2, lines 47-49; discussing the computer-readable 
medium having computer-executable instructions for performing the method of 
claim 1. 

As per claim 13: See col.l, lines 10-30; discussing the downloadable set of 
computer-executable instructions for performing the method of claim 1. 
As per claim 14: 

Andrews discloses in a computer system, a method for regulating 
communications between processes, the method comprising: 

defining a policy specifying whether one process may communicate with 
another process; (col.9, lines 34-38 and 49-55) 

intercepting an attempt by a first process to communicate with a second 
process; (col. 15, lines 20-22 and col. 21, lines 35-37) 

identifying the first process that is attempting to communicate with the 
second process; (col.20, lines 33-57 and coL22, lines 1-3) 

identifying the second process; (col. 13, lines 2-3 and col.21, lines 49- 

67) 
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based on said policy, determining whether the first process may 
communicate with the second process; and (col. 14, lines 56-59 and coL22, 
lines 13-18 and 30-32) 

allowing the first process to communicate with the second process if said 
policy indicates that the first process may communicate with the second 
process, (col.22, lines 25-57) 

As per claim 15: See col. 2, lines 55-57; discussing the method of claim 14, 
wherein the first process comprises an instance of an application program. 
As per claim 16: See col. 2, lines 55-57; discussing the method of claim 14, 
wherein the second process comprises a system service. 
As per claim 17: See col. 15, lines 20-22 and col.21, lines 35-37; 
discussing the method of claim 14, wherein said intercepting step includes 
intercepting operating system calls made by the first process to attempt to 
communicate with the second process. 

As per claim 18: See col.15, lines 20-21; discussing the method of claim 14, 
wherein said intercepting step includes detecting local procedure calls. 
As per claim 19: See col. 16, lines 65-67 and col.21, lines 35-37; 

discussing the method of claim 14, wherein said intercepting step includes 
detecting an attempt by the first process to open a communication channel to 
the second process. 

As per claim 20: See col.col.15, lines 34-40 and col. 16, lines 17-31; 

discussing the method of claim 14, wherein said intercepting step includes 
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rerouting attempts by the first process to communicate with the second 
process from a system dispatch table to an interprocess communication 
controller. 

As per claim 21: See col. 20, lines 33-57 and col. 22, lines 1-3; discussing 
the method of claim 14, wherein said step of identifying the second process 
includes evaluating parameters of the attempt made by the first process to 
communicate with the second process. 

As per claim 22: See col. 8, lines 55-66 and coL9, lines 50-55; discussing 
the method of claim 14, wherein said policy specifies particular processes to be 
protected from communications made by other processes. 

As per claim 23: See col.l, lines 42-52 and col. 22, lines 25-57; discussing 
the method of claim 14, further comprising: providing for a process to be 
registered in order to be protected from communications made by other 
processes; and determining whether to allow the first process to communicate 
with the second process based, at least in part, upon determining whether the 
second process is registered. 

As per claim 24: See coL7, lines 35-47; discussing the method of claim 23, 
wherein said determining step is based, at least in part, on the type of 
communication the first process is attempting with the second process. 
As per claim 25: 

Andrews discloses a method for controlling interprocess communications 
from one application to another, the method comprising: 
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registering a first application to be protected from other applications; 
(col. 12, lines 35-67) 

detecting an attempt to access the first application using interprocess 
communication; (col. 20, lines 33-57 and col. 22, lines 1-3) 

identifying a second application that is attempting to access the first 
application using interprocess communication; and (col. 13, lines 2-3 and 
col.21, lines 49-67) 

rerouting the attempt to access the first application through an 
interprocess communication controller that determines whether to allow the 
attempt, based on rules indicating whether the second application may access 
the first application using interprocess communication, (col.6, lines 42-43 
and col. 22, lines 25-57) 

As per claim 26: See col. 16 lines 1-8; iscussing the method of claim 25, 
wherein said registering step includes supplying rules specifying particular 
communications from which the first application is to be protected. 
As per claim 27: See col. 15, lines 35-41 and col.22, lines 25-57; 

discussing the method of claim 26, wherein the interprocess communication 
controller determines whether to allow the attempt based, at least in part, upon 
the rules specifying particular communications from which the first application 
is to be protected. 

As per claim 28: See col. 15, lines 20-22 and col.21, lines 35-37; 

discussing the method of claim 25, wherein said detecting step includes 
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intercepting operating system calls for accessing the first application. 
As per claim 29: See col.10, lines 55-56; discussing the method of claim 25, 
wherein said detecting step includes detecting a graphical device interface 
(GDI) message sent to the first application. 

As per claim 30: See coL20, lines 33-57 and col. 22, lines 1-3; discussing 
the method of claim 29, wherein said identifying step includes evaluating 
parameters of the message sent to the first application. 

As per claim 31: See col.7, lines 23-24; discussing the method of claim 25, 
wherein said detecting step includes detecting an attempt to send keystroke 
data to a window of the first application. 

As per claim 32: See col.7, lines 23-25; discussing the method of claim 25, 
wherein said detecting step includes detecting an attempt to send mouse 
movement data to a window of the first application. 
As per claim 33: See col. 15, lines 35-41 and col. 22, lines 25-57; 

discussing the method of claim 25, wherein said rerouting step includes 
rerouting the attempt to access the first application from a system dispatch 
table to the interprocess communication controller. 

As per claim 34: See col. 16, line 65-coL17, line 5; discussing the method of 
claim 25, wherein said rules indicating whether the second application may 
access the first application includes rules indicating particular types of 
communications which are allowed. 

As per claim 35: See col. 15, lines 35-41 and col. 22, lines 25-57; 
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discussing the method of claim 25, further comprising: if the interprocess 
communication controller allows the attempt to access the first application, 
routing the attempt to the first application. 
As per claim 36: 

Andrews discloses a system for regulating interprocess communication 
between applications, the system comprising: 

a policy specifying applications (coL9, lines 34-38 and 49-55) that are 
permitted to communicate with a first application using interprocess 
communication; (col.20, lines 33-57 and col. 22, lines 1-3) 

a module for detecting a second application attempting to communicate 
with the first application using interprocess communication; and (col. 13, lines 
2-3 and coL21, lines 49-67) 

an interprocess communication controller for identifying the second 
application attempting to communicate with the first application and 
determining whether to permit the communication based upon the 
identification of the second application and the policy specifying applications 
permitted to communicate with the first application, (col. 6, lines 42-43 and 
col.22, lines 25-57) 

As per claim 37: See col. 16 lines 1-8; scussing the system of claim 36, 
wherein said policy includes rules indicating particular types of 
communications which are permitted. 

As per claim 38: See col. 15, lines 35-41 and col.22, lines 25-57; 
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discussing the system of claim 36, further comprising: a rules engine for 
specifying applications that are permitted to communicate with the first 
application using interprocess communication. 

As per claim 39: See col. 12, lines 35-67; discussing the system of claim 36, 
further comprising: a registration module for establishing said policy. 
As per claim 40: See col. 12, lines 35-67; discussing the system of claim 39, 
wherein said registration module provides for identifying applications to be 
governed by said policy. 

As per claim 41: See col. 16, line 65-coL17, line 5; discussing the system of 
claim 36, wherein said module for detecting a second application detects an 
operating system call to open a communication channel to the first application. 
As per claim 42: See col. 10, lines 55-56; discussing the system of claim 36, 
wherein said module for detecting a second application detects a graphical 
device interface (GDI) message sent to the first application. 
As per claim 43: See col. 13, lines 2-3 and col.21, lines 49-67; discussing 
the system of claim 36, wherein said module for detecting a second application 
detects a local procedure call attempting to access the first application. 
As per claim 44: See col. 15, lines 35-41 and col. 22, lines 25-57; 
discussing the system of claim 36, wherein said module for detecting a second 
application redirects attempts to communicate with the first application to the 
interprocess communication controller. 

As per claim 45: See col. 15, lines 35-41 and col. 22, lines 25-57; 
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discussing the system of claim 36, wherein said module for detecting a second 
application reroutes the attempt to communicate with the first application from 
a dispatch table to the interprocess communication controller. 
As per claim 46: See col. 15, lines 35-41 and col. 22, lines 25-57; 

discussing the system of claim 36, wherein said interprocess communication 
controller determines whether to permit the communication based, at least in 
part, upon evaluating parameters of the attempt made by the second 
application to communicate with the first application. 

As per claim 47: See col. 16, line 65-coL17, line 5 and col. 22, lines 25-57; 

discussing the system of claim 36, wherein said interprocess communication 
controller determines whether to permit the communication based upon 
obtaining user input as to whether to permit the second application to 
communicate with the first application. 



Conclusion 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to LEYNNA T. HA whose telephone 
number is (571) 272-3851. The examiner can normally be reached on Monday 
- Thursday (7:00 - 5:00PM). 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached on (571) 272-3859. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see 
http://pair-direct.uspto.gov. Should you have questions on access to the 
Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
9197 (toll-free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 
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